Future Changes to EAV

Discussion in 'ESET NOD32 Antivirus' started by Blackspear, Jan 20, 2008.

  1. karlisi
    karlisi Registered Member

    About exclusions.
    I think ESET is doing right, not including MS recommended exclusions in default policy. If you read MS KB, they warn you: "We do not recommend this workaround but are providing this information so that you can implement this workaround at your own discretion. Use this workaround at your own risk." So, it is up to you to decide.
  2. Reedmikel
    Reedmikel Registered Member

    Exclusions (cont'd):

    Karlisi - that's normal Microsoft legalese that their lawyers make them add (much like their hot fixes) :) The same KB article also says:

    When you scan these files, performance and operating system reliability problems may occur because of file locking.


    Again, I suggested this could be added as an optional (check box to enable/disable) policy setting, so that those admins that choose to be blind to potential performance issues can remain so by leaving these MS recommended exclusions disabled...

    Having worked with many AV products, the fact that many of them do exclude certain files tells me there is likely a good reason to do so.
  3. Reedmikel
    Reedmikel Registered Member

    EAV BE: show progress of scans on console (ERAC)

    It would be very helpful to see how a scan is progressing when viewed at the console (ERAC). I recently switched from GFI's VIPRE product and their console did show progress in 20% increments. I would think this would be relatively easy to do since the machine is frequently checking in with the ERAS. Why not pass some scan progress data to ERAS periodically?
  4. jpresto
    jpresto Registered Member

    False positive alert feed

    We've seen a few false positives hit this week. I'm sure you have a response procedure; it would be incredibly helpful if ESET could incorporate some sort of RSS or Twitter feed that is immediately updated when these are identified - at least then we can manage the alerts quickly and potentially avoid damaging users' systems/servers.
  5. siljaline
    siljaline Registered Member

    Re: False positive alert feed

    Add your suggestion here or per usual here
  6. SmackyTheFrog
    SmackyTheFrog Registered Member

    Re: False positive alert feed

    I'd like to see something in the uninstall process of Business Edition where the client reports to its ERAS (if a connection is available) that the software was uninstalled which would be viewable in the management console instead of the current behavior of removing without attempting to send any notification.
  7. Reedmikel
    Reedmikel Registered Member

    I'll second SmackyTheFrog's suggestion that client uninstalls (e.g. NOD32) be visible in ERAC. Be nice if an alert could be generated too using the Notification Manager tool.
  8. shaunwang
    shaunwang Registered Member

    Better Rootkit/TLD variant 1/2/3/4 detection
    Improve cleaning capabilities (like DrWeb)
    HIPS improvement (App/Registry monitoring, expand create a tablelist to set rules on these apps)
    GUI (make it like v2.7; I found it much better: lower footprint, fewer resources required. No more groovy/funky design, it just does not provide functional benefits)
  9. Ego_Dekker
    Ego_Dekker Registered Member

    Unfortunately, cleaning will be improved not earlier than in v9, but I hope for the best.
  10. Hagla007
    Hagla007 Registered Member

    I would like to suggest a form of "automatic gaming mode" which automatically switches NOD32 or ESS into game mode whenever it launches a game in fullscreen.
  11. Marcos
    Marcos Eset Staff Account

    Gamer mode is already incorporated in v5 and is activated for full-screen applications automatically.
  12. Hagla007
    Hagla007 Registered Member

    No..? We have to manually enable the gamer mode before we play the/a game.
  13. karlisi
    karlisi Registered Member

    Perhaps not exactly EAV feature. Ability to send notifications to workstations from ESET remote administration console. Currently this feature works only for mobile clients.
  14. coch
    coch Registered Member

    Not for me. In my case, v5 enables it automatically. There might be a preference that needs to be enabled for ESET to take care of it automatically though, I don't remember exactly.
    However it may be difficult to verify. Start a fullscreen game then ALT-Tab out of the game and look at the ESET tray icon, if you are quick enough you should see the icon turning from orange (gaming mode) to blue/green (normal mode). It might also be possible to verify this by sending the game in fullscreen mode to a secondary monitor and watching the activity of the ESET tray icon.
    I seem to remember one game for which this did not work, but it worked for all other games I tried so far.
  15. DooGie
    DooGie Registered Member

    Would love to see a right click option on the tray icon to enable/disable gaming mode.
  16. hopetobe
    hopetobe Registered Member

    Can NOD automatically & silently block tracking cookies in next generation? Seldom do people use the "InPrivate mode" or know how to set up anti-tracking in various internet explorers. Those tracking cookies and other tracking components are actually big security risks. More and more identity information of users is revealed by them rather than trojans! Blocking and removing such things is easy and convenient via ESET antivirus. ESET, let you protect our digital world a little bit more!
  17. toxinon12345
    toxinon12345 Registered Member

    Add a utility to recreate/reset OS settings such as:

    folder options
    registry tools
    task manager
    CMD prompt
    autorun/autoplay
    control panel
    logoff/shutdown
    internet options
    hidden files
  18. sangam
    sangam Registered Member

    I very much agree with toxinon12345. The ability to reset these settings along with a Linux live boot CD option with some essential utilities like partition managers, disk repair utilities etc. (the Windows boot CD is a shame) will be a sure solution for all infected systems. No other AV vendor gives all these in one solution. I very strongly urge ESET to consider this request.
    Last edited: Jun 9, 2012
  19. lodore
    lodore Registered Member

    I agree with this.
  20. Brummelchen
    Brummelchen Registered Member

    disagree - eset is formerly protection and prevention.
    repair or removal is futile when infected.
    recover with boot medium and rebuild OS from scratch.

    example
    latest rogue came with a java trojan - rogue is found, trojan was not found and still working. epic fail.
  21. Ego_Dekker
    Ego_Dekker Registered Member

    Therefore EAV hints us: “Unable to clean” and “Error while cleaning/deleting”. In these cases, there are good free cleaning utilities like AVPTool or Dr.Web CureIt!
  22. Marcos
    Marcos Eset Staff Account

    ESET's Windows products already repair crucial registry values that are modified by malware during the cleaning. Of course, an error cleaning a file can also occur when attempting to clean (delete) files on a write-protected medium / folder or if it's a detection of malware in memory while the actual file on the disk could not be located for some reason.
    Any issues with cleaning should be reported to ESET's Customer Care or viruslab, or simply report it here at Wilders' and enclose the appropriate record from the Threat log.
  23. Ego_Dekker
    Ego_Dekker Registered Member

    Suggestion: collect information about cleaning/deleting problems and submit it via ESET Live Grid to ESET's labs for further improvements. And update your removal tools as often as possible.
  24. toxinon12345
    toxinon12345 Registered Member

    SysInspector is a utility for assessment/logging/support (unrelated to detection/cleaning engines); this is an extra tool which can be downloaded through the website.

    In the same way, a tool for recreating OS settings (unrelated to detection/cleaning engines) could be downloaded through the website e.g. by administrators needing to switch some OS settings/policies to default.
  25. piperfect
    piperfect Registered Member

    Please get rid of the dash in usernames. I have installed Nod32 at least a thousand times and it irritates me every time that I have to enter a user name I have to click drag over the username instead of just double clicking to highlight the word. I had to install Nod32 on a system with a dodgy mouse today and I almost threw a temper tantrum.